From: Me Now on

Maybe a little off topic as Wireshark is available in several flavours.

I have captured traffic from our corporate LAN for about a week and now
I have a sizeable collection of 20MB capture files.

Are there any tools available for Linux that will parse the information
in the capture files and extract information based on particular
criteria? I know I can filter the traffic within Wireshark but that is
impractical for my immediate requirements.

A couple of examples:

1. Identify all traffic on port 8080 to a specific IP address and create
a single list of GET requests using all the capture files.

2. Identify all SMTP traffic and write each captured email to a separate

I appreciate the examples are very different but it gives you an idea of
the scope of requirements I have!

Any help would be greatly appreciated,

Me Now.
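
An added example, not part of the original post: one way to handle example 1 with only the Python standard library, pulling GET request lines sent to a given address on port 8080 out of a set of capture files. The function names and the 192.0.2.x sample addresses are constructed for illustration; it assumes classic pcap files (microsecond timestamps, not pcapng) with untagged Ethernet/IPv4 frames and does no TCP reassembly.

```python
import glob
import socket
import struct

def get_requests(pcap, dst_ip, dst_port=8080):
    """GET request lines sent to dst_ip:dst_port in one classic (non-pcapng) pcap."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None or struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("need a classic (non-pcapng) Ethernet pcap")
    want, found, pos = socket.inet_aton(dst_ip), [], 24
    while pos + 16 <= len(pcap):
        incl_len = struct.unpack(end + "I", pcap[pos + 8:pos + 12])[0]
        frame, pos = pcap[pos + 16:pos + 16 + incl_len], pos + 16 + incl_len
        if len(frame) < 54 or frame[12:14] != b"\x08\x00":
            continue  # not untagged IPv4, or too short for IP + TCP headers
        ip = frame[14:]
        if ip[0] >> 4 != 4 or ip[9] != 6 or ip[16:20] != want:
            continue  # not TCP to the address of interest
        tcp = ip[(ip[0] & 0x0F) * 4:]
        if len(tcp) < 20 or struct.unpack("!H", tcp[2:4])[0] != dst_port:
            continue
        payload = tcp[(tcp[12] >> 4) * 4:]
        # No TCP reassembly: only requests that start a segment are seen.
        if payload.startswith(b"GET "):
            found.append(payload.split(b"\r\n", 1)[0].decode("latin-1"))
    return found

def get_requests_in_files(pattern, dst_ip, dst_port=8080):
    """Single list across every capture file matching the glob pattern."""
    out = []
    for path in sorted(glob.glob(pattern)):
        with open(path, "rb") as fh:
            out.extend(get_requests(fh.read(), dst_ip, dst_port))
    return out

def sample_pcap():
    """Constructed capture: three frames, one GET to 192.0.2.10:8080."""
    def frame(dst, port, data):
        tcp = struct.pack("!HHIIBBHHH", 40000, port, 0, 0, 0x50, 0x18, 8192, 0, 0) + data
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                         socket.inet_aton("192.0.2.1"), socket.inet_aton(dst)) + tcp
        return b"\x00" * 12 + b"\x08\x00" + ip
    frames = [frame("192.0.2.10", 8080, b"GET /a HTTP/1.1\r\nHost: x\r\n\r\n"),
              frame("192.0.2.10", 80, b"GET /b HTTP/1.1\r\n\r\n"),
              frame("192.0.2.99", 8080, b"GET /c HTTP/1.1\r\n\r\n")]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return out + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)
```

Each 20MB file is read into memory whole, which is fine at that size; a request split across TCP segments or sent over a VLAN-tagged link will be missed by this sketch.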
